If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Enjoy an ad free experience by logging in. Not a member yet? Register.

Password is irrelevant since it'll be hashed. Sensitivity matters in a hash.
Usernames are debatable. Especially if two users with the same name in different cases happen to have identical passwords.
You can enable case sensitivity by either using the COLLATE directly within your queries where clause, or by using a *_CS collation when building the table.

Personally, I'd say usernames should be case insensitive. Store them as given, but search for insensitively. Unlike an email address where case does matter, companies like google still consider both FouLu and foulu to be the same user account. Same deal, it eliminates the complexity and problems with case sensitive usernames.

PHP Code:

header('HTTP/1.1 420 Enhance Your Calm');

Been gone for a few months, and haven't programmed in that long of a time. Meh, I'll wing it ;)

Password is irrelevant since it'll be hashed. Sensitivity matters in a hash.

Yeah, but if I type in that my password is "HotMama", should I be able to successfully log in if I enter "hotmama" later?

Originally Posted by Fou-Lu

Usernames are debatable. Especially if two users with the same name in different cases happen to have identical passwords.
You can enable case sensitivity by either using the COLLATE directly within your queries where clause, or by using a *_CS collation when building the table.

Personally, I'd say usernames should be case insensitive. Store them as given, but search for insensitively. Unlike an email address where case does matter, companies like google still consider both FouLu and foulu to be the same user account. Same deal, it eliminates the complexity and problems with case sensitive usernames.

While testing my form - which looks for taken Usernames - that while I already had a "DoubleDee" user, that my form complained when I typed in "doubledee" because MySQL said it was the same thing (i.e. a Dup).

I think on here, when you log in, case doesn't matter for the Username, but it seems to me that it does matter on the Password.

2.4. General Syntax Principles and Transaction Model
. . .
Verbs and argument values (e.g., "TO:" or "to:" in the RCPT command
and extension name keywords) are not case sensitive, with the sole
exception in this specification of a mailbox local-part (SMTP
Extensions may explicitly specify case-sensitive elements). That is,
a command verb, an argument value other than a mailbox local-part,
and free form text MAY be encoded in upper case, lower case, or any
mixture of upper and lower case with no impact on its meaning. The
local-part of a mailbox MUST BE treated as case sensitive.
Therefore, SMTP implementations MUST take care to preserve the case
of mailbox local-parts. In particular, for some hosts, the user
"smith" is different from the user "Smith". However, exploiting the
case sensitivity of mailbox local-parts impedes interoperability and
is discouraged. Mailbox domains follow normal DNS rules and are
hence not case sensitive.

Local part (the foulu in foulu@host.com) must be treated case sensitive. If the host determines otherwise, that's their prerogative.

PHP Code:

header('HTTP/1.1 420 Enhance Your Calm');

Been gone for a few months, and haven't programmed in that long of a time. Meh, I'll wing it ;)

Local part (the foulu in foulu@host.com) must be treated case sensitive. If the host determines otherwise, that's their prerogative.

So basically; it should be case sensitive, but it might not be. :-)

I've never seen a case sensitive email address. I'd go for the "store as given, compare case insensitive" option.

Passwords must be case sensitive, simply because the distinction between upper and lowercase doubles the number of usable characters and you want to allow as many characters as possible in a password. As other have said: this is solved by the hash that you use to store the password (you do hash your passwords, right? )